ā10-30-2016 02:57 AM - edited ā03-11-2019 12:11 AM
Hi Cisco ISE Gurus :)
How to configure Cisco ISE 2.1 to redirect guest clients to guest portal using only IP address, and not URL? Design of my network does not allow any kind of DNS resolution.
I tried with configuring Cisco ISE IP under Static IP/Host name/FQDN option in Authorization Profile, but still clients are redirected using URL.
ā10-30-2016 05:09 AM
What are your guests doing when there is no DNS? Sounds strange ...
Back to topic: After configuring the IP in the Authorization Profile, does the block "Attributes Detail" show the IP in the url-redirect?
And be aware that with this approach without DNS, your clients are always forced with a certificate security warning what I would not consider a good practice.
ā11-01-2016 12:47 AM
We are using ISP DNS, and we do not want to create public DNS record for ISE guest portal. So IP needs to be used instead of URL.
After configuring IP in the Authorization Profile, I can see that IP is used in url-redirect, and i can also see it in live radius logs.
I am aware that my guest clients will receive certificate error, but this is a design trade-off that i need to accept in this case.
ā11-16-2016 11:19 AM
It may seem odd but have you restarted ISE after making the URL change? I've got my ISE deployment currently using the IP and not the FQDN and I can't change it back and I'm thinking I have to completely stop and restart the ISE services to get it to take the change.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide